sarnold@hunt:/tmp/apt/var/lib/apt/lists$ gpg *gpg
Detached signature.
Please enter name of data file: archive.ubuntu.com_ubuntu_dists_precise-backports_Release
gpg: Signature made Wed 10 Jun 2015 01:26:14 AM PDT using DSA key ID 437D05B5
gpg: Good signature from "Ubuntu Archive Automatic Signing Key <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6302 39CC 130E 1A7F D81A 27B1 4097 6EAF 437D 05B5
I believe all the files that were downloaded are genuine, too, though the demonstration is more roundabout than I would like:
sarnold@ hunt:/tmp/ apt/var/ lib/apt/ lists$ grep -f <(sha256sum * | awk '{print $1;}') archive. ubuntu. com_ubuntu_ dists_precise- backports_ Release | grep -v e3b0c44298fc1c1 49afbf4c8996fb9 2427ae41e4649b9 34ca495991b7852 b855 81159cc4bdd832f 68863a16f525705 7d4739fe390ad36 f1dfa 21644 main/binary- i386/Packages 5e336cd53e1d726 5d3c9703f4c04e4 22dc5a9b2637977 41708 14665 main/i18n/ Translation- en 4352906c6feed37 5e98f3a68ac6dc3 af3852ae17925e9 474c0 202 main/i18n/Index ec597f50781606a 9666703c59f35b7 a63905a799ddbf0 719e9 19590 multiverse/ binary- i386/Packages 229d08d311cc5fe 999a9972f2b35cf 433be1acccddc80 27c0c 13610 multiverse/ i18n/Translatio n-en d6be3a728c931f4 a1647797b2dd77a de2924f4385fc92 76a04 202 multiverse/ i18n/Index 80cdb6b010de855 a5b1c7cdd11cc20 0e375100f2653da 4594b 193 restricted/ i18n/Index 7f098850b348aa5 ddc1d3bdf70a342 78bc1b767ec7e06 263e7 219987 universe/ binary- i386/Packages 1d412163f5164b9 92a183696c83cba 35e16852d68f623 1eb19 138954 universe/ i18n/Translatio n-en c4ea9d7f0fc6010 757f7064496877f 665c737fca2a35e 189aa 205 universe/i18n/Index hunt:/tmp/ apt/var/ lib/apt/ lists$ grep -f <(sha256sum * | awk '{print $1;}') archive. ubuntu. com_ubuntu_ dists_precise- backports_ Release | grep -v e3b0c44298fc1c1 49afbf4c8996fb9 2427ae41e4649b9 34ca495991b7852 b855 | wc -l
b19dad02414969
7b9cc62fd4281a
42da384f83de93
5f2fe1e729f1eb
04fe1beea9321f
88b3c3cbfda029
403da8f44040aa
f2229eb5e57ae1
9e3b231b6660ed
8f06375c2c5028
sarnold@
10
sarnold@ hunt:/tmp/ apt/var/ lib/apt/ lists$ sha256sum * | grep -v archive. ubuntu. com_ubuntu_ dists_precise- backports_ Release | grep -v e3b0c44298fc1c1 49afbf4c8996fb9 2427ae41e4649b9 34ca495991b7852 b855 | wc -l
10
sarnold@ hunt:/tmp/ apt/var/ lib/apt/ lists$ gpg *gpg ubuntu. com_ubuntu_ dists_precise- backports_ Release
Detached signature.
Please enter name of data file: archive.
gpg: Signature made Wed 10 Jun 2015 01:26:14 AM PDT using DSA key ID 437D05B5
gpg: Good signature from "Ubuntu Archive Automatic Signing Key <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6302 39CC 130E 1A7F D81A 27B1 4097 6EAF 437D 05B5